> ## Documentation Index > Fetch the complete documentation index at: https://docs.enkryptai.com/llms.txt > Use this file to discover all available pages before exploring further. # Payload Guide for EnkryptAI Red Teaming API (V3) > Overview and quick reference for building red team test payloads The payload for EnkryptAI's Red Teaming API V3 is structured as a JSON object with four primary sections: `test_name` (required), `dataset_configuration`, `redteam_test_configurations`, and `endpoint_configuration`. **Required Field**: `test_name` is required for all red team tests. It must be a unique identifier for your test run. Foundation model and agent test catalogs Comprehensive guide to all attack methods Detailed configuration reference Ready-to-use payload examples ## What's New in V3 V3 introduces significant enhancements to attack methods configuration: * **Granular Parameter Control**: Each attack method now supports specific parameters for fine-tuned testing * **Structured Attack Hierarchy**: Clear organization of basic, static, and dynamic attack methods * **Enhanced Attack Methods**: Expanded suite of encoding, obfuscation, and multi-modal attack techniques ### V2 to V3 Migration **V2 Format (Legacy):** ```json theme={"system"} { "redteam_test_configurations": { "privacy_test": { "sample_percentage": 50, "attack_methods": { "basic": ["basic"], "advanced": { "static": ["encoding"], "dynamic": ["iterative"] } } } } } ``` **V3 Format (Current):** ```json theme={"system"} { "redteam_test_configurations": { "privacy_test": { "sample_percentage": 50, "attack_methods": { "basic": {"basic": {"params": {}}}, "static": { "base64_encoding": { "params": {"encoding_type": "base64", "iterations": 2} } }, "dynamic": { "iterative": { "params": { "width": 5, "branching_factor": 9, "depth": 3 } } } } } } } ``` **Key Changes:** 1. Attack methods are now objects with `params` instead of arrays 2. Each attack method requires a `params` object (can be empty `{}`) 3. Use specific encoding keywords (e.g., `base64_encoding` instead of generic `encoding`) 4. Configure parameters for iterative attacks: `width`, `branching_factor`, `depth` ## Quick Reference: Attack Methods Choose attack methods based on your model type and security testing needs. This table provides an enhanced overview of all available attack methods. ### By Model Type | Attack Method | Keyword | Category | Use When | Parameters | Complexity | | ------------------ | ----------------- | -------- | ------------------------- | ------------------------------------ | ----------- | | **Raw Prompts** | `basic` | Basic | Always (baseline) | None | ⭐ Low | | **Obfuscation** | `obfuscation` | Static | Standard testing | None | ⭐⭐ Medium | | **Base64** | `base64_encoding` | Static | Encoding evasion | `iterations` (1-3) | ⭐⭐ Medium | | **Hexadecimal** | `hex_encoding` | Static | Technical filters | None | ⭐⭐ Medium | | **ASCII** | `ascii_encoding` | Static | Text filters | None | ⭐⭐ Medium | | **Binary** | `binary_encoding` | Static | Advanced encoding | None | ⭐⭐ Medium | | **URL Encoding** | `url_encoding` | Static | Web applications | None | ⭐ Low | | **Leet Speak** | `leet_encoding` | Static | Character matching | None | ⭐ Low | | **ROT13** | `rot13_encoding` | Static | Cipher testing | None | ⭐ Low | | **ROT21** | `rot21_encoding` | Static | Cipher testing | None | ⭐ Low | | **Morse Code** | `morse_encoding` | Static | Unique encoding | None | ⭐⭐ Medium | | **French** | `lang_fr` | Static | Multilingual bypass | None | ⭐⭐ Medium | | **Italian** | `lang_it` | Static | Multilingual bypass | None | ⭐⭐ Medium | | **Hindi** | `lang_hi` | Static | Non-Latin scripts | None | ⭐⭐ Medium | | **Spanish** | `lang_es` | Static | Multilingual bypass | None | ⭐⭐ Medium | | **Japanese** | `lang_ja` | Static | Asian languages | None | ⭐⭐ Medium | | **EAI Attack** | `eai_attack` | Static | Advanced jailbreak | None | ⭐⭐⭐ High | | **Deep Inception** | `deep_inception` | Static | Nested injection | None | ⭐⭐⭐ High | | **Iterative** | `iterative` | Dynamic | Adaptive attacks | `width`, `branching_factor`, `depth` | ⭐⭐⭐ High | | **Multi-Turn** | `multi_turn` | Dynamic | Conversation exploit | None | ⭐⭐⭐ High | | **Red Team Agent** | `rt_agent` | Dynamic | Advanced adaptive attacks | `width`, `branching_factor`, `depth` | ⭐⭐⭐⭐ Expert | | Attack Method | Keyword | Category | Use When | Parameters | Complexity | | --------------- | ------------- | -------- | -------------------------- | ---------- | ---------- | | **Raw Prompts** | `basic` | Basic | Always (baseline) | None | ⭐ Low | | **Obfuscation** | `obfuscation` | Static | Standard testing | None | ⭐⭐ Medium | | **Masking** | `masking` | Static | Visual occlusion | None | ⭐⭐ Medium | | **FigStep** | `figstep` | Static | Typographic visual prompts | None | ⭐⭐⭐ High | | **CAMO** | `camo` | Static | Cross-modal obfuscation | None | ⭐⭐⭐ High | | **FC-Attack** | `fc` | Dynamic | Auto-generated flowcharts | None | ⭐⭐⭐ High | | **HADES** 🔒 | `hades` | Static | Coming Soon | None | - | | **JOOD** 🔒 | `jood` | Dynamic | Coming Soon | None | - | 🔒 = Coming Soon. Contact [hello@enkryptai.com](mailto:hello@enkryptai.com) for access. | Attack Method | Keyword | Category | Use When | Parameters | Complexity | | --------------- | ---------- | -------- | --------------------- | ---------- | ---------- | | **Raw Prompts** | `basic` | Basic | Always (baseline) | None | ⭐ Low | | **Waveform** | `waveform` | Static | Signal manipulation | None | ⭐⭐⭐ High | | **Echo** | `echo` | Static | Audio effects | None | ⭐⭐ Medium | | **Speed** | `speed` | Static | Temporal manipulation | None | ⭐⭐ Medium | | **Pitch** | `pitch` | Static | Frequency shift | None | ⭐⭐ Medium | | **Reverb** | `reverb` | Static | Spatial effects | None | ⭐⭐ Medium | | **Noise** | `noise` | Static | SNR reduction | None | ⭐⭐ Medium | ### Quick Lookup: All Keywords * `basic` - LLM, VLM, ALM * `obfuscation` - LLM, VLM * `eai_attack` - LLM, VLM * `ascii_encoding` - LLM * `base64_encoding` - LLM * `binary_encoding` - LLM * `hex_encoding` - LLM * `url_encoding` - LLM * `leet_encoding` - LLM * `morse_encoding` - LLM * `rot13_encoding` - LLM * `rot21_encoding` - LLM * `lang_fr` - French (LLM) * `lang_it` - Italian (LLM) * `lang_hi` - Hindi (LLM) * `lang_es` - Spanish (LLM) * `lang_ja` - Japanese (LLM) * `iterative` - LLM * `multi_turn` - LLM * `rt_agent` - LLM * `masking` - VLM * `figstep` - VLM * `camo` - VLM * `fc` - VLM * `hades` 🔒 - VLM (Coming Soon) * `jood` 🔒 - VLM (Coming Soon) * `waveform` - ALM * `echo` - ALM * `speed` - ALM * `pitch` - ALM * `reverb` - ALM * `noise` - ALM * `deep_inception` - LLM ## Payload Structure ### High-Level Overview ```json theme={"system"} { "test_name": "my_redteam_test_001", // Required: Unique test identifier "dataset_configuration": { // Optional: For generating custom datasets "system_description": "Your AI system description", "policy_description": "What the model should NOT do", "max_prompts": 100, "scenarios": 2, "categories": 2, "depth": 2 }, "redteam_test_configurations": { // Required: Tests to run "test_name": { "sample_percentage": 10, "attack_methods": { "basic": {"basic": {"params": {}}}, "static": { /* encoding/obfuscation methods */ }, "dynamic": { /* adaptive attack methods */ } } } }, "endpoint_configuration": { // Required: Model to test "testing_for": "foundationModels", "model_name": "gpt-4o", "model_config": { "model_provider": "openai", "endpoint": { /* API endpoint details */ }, "auth_data": { /* Authentication config */ }, "apikeys": ["YOUR_API_KEY"], "input_modalities": ["text"], "output_modalities": ["text"] } } } ``` For complete field descriptions, see [Configuration Reference](/get-started/redteam/configuration-reference). ## Quick Start Examples ### Starter: Basic LLM Test ```json theme={"system"} { "test_name": "basic_llm_test_001", "redteam_test_configurations": { "harmful_test": { "sample_percentage": 10, "attack_methods": { "basic": {"basic": {"params": {}}} } } }, "endpoint_configuration": { "testing_for": "foundationModels", "model_name": "gpt-4o-mini", "model_config": { "model_provider": "openai", "endpoint_url": "https://api.openai.com/v1/", "apikey": "YOUR_OPENAI_API_KEY", "input_modalities": ["text"], "output_modalities": ["text"] } } } ``` ### Standard: Multi-Test Assessment ```json theme={"system"} { "test_name": "multi_test_assessment_001", "redteam_test_configurations": { "harmful_test": { "sample_percentage": 20, "attack_methods": { "basic": {"basic": {"params": {}}}, "static": { "obfuscation": {"params": {}}, "base64_encoding": {"params": {"encoding_type": "base64", "iterations": 1}} } } }, "bias_test": { "sample_percentage": 15, "attack_methods": { "basic": {"basic": {"params": {}}}, "static": {"lang_es": {"params": {}}} } }, "pii_test": { "sample_percentage": 20, "attack_methods": { "basic": {"basic": {"params": {}}} } } }, "endpoint_configuration": { "testing_for": "foundationModels", "model_name": "gpt-4o", "model_config": { "model_provider": "openai", "endpoint_url": "https://api.openai.com/v1/", "apikey": "YOUR_OPENAI_API_KEY", "input_modalities": ["text"], "output_modalities": ["text"] } } } ``` For more examples including VLM, ALM, agents, and industry-specific use cases, see the [Examples page](/get-started/redteam/examples). ## Available Test Types For comprehensive test catalogs with detailed descriptions, categories, sample prompts, and configuration examples: * [Foundation Model Test Catalog](/get-started/redteam/test-catalog) - All standard and custom tests for foundation models * [Agent Test Catalog](/get-started/redteam/agent-test-catalog) - All agent-specific tests ### Standard Tests (12 tests) Tests available for all model types: | Test | Keyword | Purpose | | -------------- | -------------------------------- | ------------------------------------------- | | Bias | `bias_test` | Identifies biased outputs | | CBRN | `cbrn_test` | Chemical, biological, radiological, nuclear | | CSEM | `csem_test` | Child abuse exploitation | | Harmful | `harmful_test` | Harm or danger promotion | | Insecure Code | `insecure_code_test` | Vulnerable code generation | | Toxicity | `toxicity_test` | Offensive content | | PII | `pii_test` | Personal information leakage | | Copyright | `copyright_test` | Copyrighted material | | Misinformation | `misinformation_test` | False information | | System Prompt | `system_prompt_extractions_test` | Prompt extraction | | Sponge | `sponge_test` | Resource exhaustion | | Competitor | `competitor_test` | Competitor information | ### Custom & Agentic Tests `custom_test` - Test with your own generated dataset For AI agents with tool use and autonomous capabilities: * `governance_test` - Alignment, goal misalignment, and policy drift * `agent_output_quality_test` - Output quality, hallucinations, bias, and toxicity * `tool_misuse_test` - API integration, supply chain, and resource consumption * `privacy_test` - Sensitive data exposure and exfiltration channels * `reliability_and_observability_test` - Data poisoning, concept drift, and opaque reasoning * `agent_behaviour_test` - Human manipulation and unsafe actuation * `access_control_and_permissions_test` - Credential theft, privilege escalation, confused deputy * `tool_extraction_test` - Tool information extraction For generated adversarial datasets: * `adv_bias_test` - Adversarial bias detection * `adv_info_test` - Sensitive information extraction * `adv_persona_test` - Persona manipulation * `adv_command_test` - Command injection * `adv_pii_test` - Advanced PII extraction * `adv_competitor_test` - Competitor information ## Best Practices Begin with `basic` attacks at low sample percentage (2-5%) to establish baseline. Add static methods, then dynamic attacks as you identify vulnerabilities. Use appropriate modalities: `["text"]` for LLM, `["text", "image"]` for VLM, `["text", "audio"]` for ALM. Run multiple test types (harmful, bias, PII) for comprehensive coverage. **Dev:** 2-5% | **Staging:** 10-20% | **Production:** 50-100% Dynamic attacks are thorough but resource-intensive. Start with static methods. ## Configuration Guidelines ### Sample Percentage by Stage ```json theme={"system"} // Development - Fast iteration { "sample_percentage": 2 // 2-5% } // Staging - Balanced testing { "sample_percentage": 15 // 10-20% } // Production - Comprehensive { "sample_percentage": 50 // 50-100% } ``` ### Attack Method Combinations ```json theme={"system"} { "attack_methods": { "basic": {"basic": {"params": {}}} } } ``` **Time:** 2-5 min | **Coverage:** Baseline ```json theme={"system"} { "attack_methods": { "basic": {"basic": {"params": {}}}, "static": { "obfuscation": {"params": {}}, "base64_encoding": {"params": {"encoding_type": "base64", "iterations": 1}} } } } ``` **Time:** 15-30 min | **Coverage:** Good ```json theme={"system"} { "attack_methods": { "basic": {"basic": {"params": {}}}, "static": { "obfuscation": {"params": {}}, "base64_encoding": {"params": {"encoding_type": "base64", "iterations": 2}}, "lang_es": {"params": {}}, "eai_attack": {"params": {}} }, "dynamic": { "iterative": { "params": { "width": 5, "branching_factor": 9, "depth": 3 } }, "multi_turn": {"params": {}} } } } ``` **Time:** 1-2 hours | **Coverage:** Excellent ## Common Parameters Number of parallel attack paths (1-10) Variations per iteration (1-15) Maximum iteration depth (1-5) Encoding iterations (1-3). Higher = more obfuscation but less comprehension ## Security & Usage Notes **Security:** * Never commit API keys to version control * Use environment variables for credentials * Rotate keys regularly * Separate test and production keys **Usage:** * Verify endpoints and keys are correct * Adjust `sample_percentage` based on dataset size * Choose attack methods appropriate for your model type * Use in accordance with provider terms of service ## Next Steps Explore comprehensive test catalogs with detailed descriptions and examples Explore detailed attack method documentation with parameters and use cases Complete reference for all configuration fields and options Browse ready-to-use examples for different scenarios and providers View the complete API specification and endpoints ## Additional Resources * [Quickstart Guide](/get-started/redteam/quickstart) - Get started with your first test * [GET Defaults API](/api-reference/models-api-reference/endpoint/get-defaults) - Supported providers and models * [Red Team Introduction](/get-started/redteam/introduction) - Overview of red teaming concepts *** This payload structure facilitates in-depth testing across various model types, allowing for comprehensive assessments of behavior and security with fine-grained control over attack parameters.